Current Projects

Interactively exploring 3D scanned dynamic environments

Industry partner: Swiss Post
The goal of this project is to showcase the diversity of Swiss Post as a workplace through immersive and realistic 3D experiences for people to discover and explore using emerging technologies, including Virtual Reality headsets and interactive 3D experiences on tablets and mobile devices. These experiences will give people who are unfamiliar with the activities of Swiss Post novel opportunities for insight into the daily lives of Swiss Post employees and customers across a variety of divisions. The immersive 3D experiences we are creating in this project are based on actual 3D environmental scans, fully interactive and ready to be explored to understand the World of Swiss Post. We also use the rich captures of daily procedures performed by Swiss Post employees for training purposes of new personnel, thereby moving away from text-based instructions to immersive 3D scenarios that will aid learning on the job.

Robotic stacking of parcels in containers and roll cages

Industry partner: Swiss Post
Our goal is to endow robots with the ability to dynamically manipulate and stack rigid boxes. This task requires specialized motion planning algorithms for 1) robust grasping and 2) collision-free trajectories to efficiently move boxes from a conveyor belt to their final location in the container. Both sub-tasks must take into account the workspace of the robot. For example, if reachability is somewhat limited, then the boxes could be tossed gently, or placed down and pushed into their final spot. Such strategies, which are often employed by human workers, require robots to possess a deep understanding of contacts and friction, dynamics, robustness against unanticipated perturbations, dynamic regrasping strategies, etc. The ultimate goal of this project is to endow robots with human-level skill when it comes to loading parcels.

Manipulation of non-rigid e-commerce parcels

Industry partner: Swiss Post
The range (size, shape, internal composition, overall stiffness, etc) of items that Swiss Post must process on a daily basis is rapidly growing. Rather than relying on human labor to sort through these types of non-standard parcels, our goal is to endow robots with the intelligence required to dexterously manipulate soft, unstructured objects. To this end, we will build on the model-based methodology that the CRL research group has recently introduced. In particular, the objective of this project will be to develop technical foundations to allow robots 1) to build an internal mechanical model of soft/unstructured parcels by feeling/scanning/manipulating the items, and 2), to autonomously understand how to grasp, pick up, and dynamically place soft objects on a conveyor belt in a desired configuration.

Secure Governance Schemes for Blockchains
Basic research
Systems based on blockchain technology are promising, as they can be decentralized and rendered robust against attacks. A blockchain is a (distributed) ledger, in which all transactions are recorded sequentially. Because such systems build on distributed consensus they function without the need to build trust among its participants. We develop a new secure voting scheme for the governance of a proof-of-stake blockchain. Although our focus is on governance, we also expect to reap insights that can be helpful to achieve distributed consensus more efficiently.
Highly Available Communication for Financial Networks
ScionIndustry partners: SIX, ZKB
Communication, in particular for critical infrastructures, requires a high level of availability that remains available despite earthquakes, power outages, misconfigurations, or network attackers. One example is the financial industry, which has high requirements on availability to ensure that up-to-date trading information is accessible, that financial transactions are executed within short time windows, and that end customers can execute banking applications online.
SBAS: Bridging the Gap to Next-Generation Internet
Today, the SCION Internet architecture is serving a variety of real-world use cases. However, without SBAS, it is not possible to carry the benefits of SCION out into the wider Internet. This system creates a seamless bridge between SCION and the existing Internet to expand the reach of services built on top of modern Internet architectures.
Blockchain and Cloud Security
Industry partner: NEC
In this project, NEC and ETH are aiming to address various issues in cloud and blockchain security in order to improve the security and scalability of existing storage services. First, in the area of blockchain technology our project focuses on the security and privacy of different blockchain technologies and on the development of new protocols and systems to enhance functionality. Second, in the area of cloud security our projects investigated secure data deduplication that allows storage reduction and makes cloud storage financially attractive to customers, along with novel access control paradigms that allow data sharing according to end users’ needs.

Industry partner: NEC
Maintaining security and privacy in 5G is highly challenging because 5G connects every aspect of our online life to the network, providing connectivity for much critical data stored or shared online. In this project, NEC and ETH are aiming to enhance the security of 5G networks by building a new 5G network slicing architecture that enables: i) dynamic network isolation of mobile devices, ii) network slicing over WAN (Wide-Area Network), iii) secure access control, and iv) scalable key establishment and management.

Industry partner: armasuisse
Many of todays attacks in computer networks are not performed by outside attackers but by malicious insiders. These in-network attacks cannot be mitigated by security applications deployed at the network edge because attack traffic stays within the network. In this project, we leverage recent advances in programmable network architectures to integrate security applications in the network infrastructure itself. This allows them to run in the data plane of a network, on each packet, and without degrading the performance.
Intermediate results of this project include systems to anonymize traffic and to prevent link-flooding attacks.

Full-Stack Verification of Secure Inter-Domain Routing Protocols
Basic research
Inter-domain routing is at the heart of the Internet, yet little effort has been spent on building a formally verified secure routing protocol. In this project, we verify the next-generation routing protocol SCION, from high-level properties down to the implementation. We prove the security of the protocol in the symbolic model and extract a specification of the IO-behavior of SCION routers from it using refinement. On the code level this specification is used to prove the correctness of the implementation. We develop a new technique that establishes a provably sound link between protocol and software verification.
User-Complemented Phishing Protection
Industry partner: Swiss Post
Phishing emails – deceptive messages that trick users into revealing sensitive data – are still a major problem in corporate settings. In this project, we aim to improve phishing detection and education, by bringing users into the security loop. We aim to understand the most effective ways to train users to recognize such deceptive emails and to increase awareness. Moreover, we plan to analyze whether user reports of phishing emails can help security, by improving the performance of automatic detection systems.
Furthermore, as automatic detection systems still mostly rely on rules created manually by experts, we aim at understanding whether a Machine Learning driven system could generate high-quality rules from such user reports.
Towards Provably Secure Internet Communication
Basic research
Nowadays, the wide-spread access to the Internet enables quick communication, unrestrained by physical location. However, this comes at a cost of new security risks, since now private messages become available to adversarial entities, located anywhere around the world. Hence, secure-communication protocols (e.g., session-establishment protocols, such as TLS, or secure-messaging protocols like Signal’s double ratchet), offering different security-functionality-efficiency trade-offs, become essential. The goal of this project is to explore the space of secure-communication protocols from the cryptographic perspective, using various modeling tools, such as the game-based security analysis and the constructive cryptography framework.
Topology-Hiding Computation
Basic research
The topology of the communication network contains highly sensitive information in countless applications, including social networks (e.g. Facebook, Twitter, LinkedIn), the Internet of Things (IoT) or ad-hoc vehicular networks. For example, in social networks the topology of the network contains information about the social data; in IoT and ad-hoc vehicular networks, the position of a node within the network depends on the node’s physical location, which could in turn leak information about the node’s identity or other confidential parameters. The goal of this project is to design protocols that prevent parties, and even colluding sets of parties to learn anything about the network apart from their immediate neighbors.
Automatic Visual Document Parsing
Industry partner: Zurich
In this project, we are building a system that produces an intermediate representation for a diverse range of documents. It takes as input PDF documents or document images and translates them into structured files (e.g. JSON) containing the natural semantic hierarchy representing a document. These JSON files can be queried using a document database, and be used as a uniform document representation by downstream information extraction engines. The system utilizes convolutional neural networks to visually detect structure elements on document pages and is pretrained on a large dataset of scientific documents in a weakly supervised manner.
Self-securing Networks
Industry partner: Armasuisse
In this project, we aim to build data-driven network infrastructures that can autonomously protect, detect and defend themselves against attacks. We intend to develop network-specific learning and inference algorithms that can run directly in the data plane, in real-time, to perform tasks that are difficult to solve today such as (encrypted) traffic classification and fine-grained anomaly detection. To implement these learning and inference algorithms, we intend to leverage newly available capabilities of programmable data planes to run complex forwarding logics.
In this project, we explore recent advances in privacy preserving learning methods for cyber insurance. In particular, we focus on differentially private gradient boosted decision trees. Differentially private learning methods allow us to learn information about a dataset while withholding information about any specific instance from the dataset. In other words, the influence of every single instance on the learned model is deniable, hence preserving the instance’s privacy.
Industry partner: Zurich
This research project aims at shedding a new light on multi-label classification and consists of two main goals: (i) developing a comprehensive, up-to-date benchmark on multi-label classification for two data modalities, and (ii) improving a multi-label classification system for an email forwarding task used by our industry partner.